Refactor unauthorized response

Use ErrorWithStatus for unauthorized errors to set the WWW-Authenticate
header.

Author: lovasoa

src/render.rs

@@ -44,10 +44,10 @@
 use crate::templates::SplitTemplate;
 use crate::webserver::http::RequestContext;
 use crate::webserver::response_writer::{AsyncResponseWriter, ResponseWriter};
+use crate::webserver::ErrorWithStatus;
 use crate::AppState;
 use actix_web::cookie::time::format_description::well_known::Rfc3339;
 use actix_web::cookie::time::OffsetDateTime;
-use actix_web::http::header::ContentType;
 use actix_web::http::{header, StatusCode};
 use actix_web::{HttpResponse, HttpResponseBuilder};
 use anyhow::{bail, format_err, Context as AnyhowContext};
@@ -323,15 +323,9 @@ impl HeaderContext {
                     Redirecting to the login page...",
                 )
         } else {
-            let mut resp_builder = actix_web::HttpResponse::build(StatusCode::UNAUTHORIZED);
-            resp_builder.content_type(ContentType::plaintext());
-            resp_builder.insert_header((
-                header::WWW_AUTHENTICATE,
-                header::HeaderValue::from_static(
-                    "Basic realm=\"Authentication required\", charset=\"UTF-8\"",
-                ),
-            ));
-            resp_builder.body("Sorry, but you are not authorized to access this page.")
+            anyhow::bail!(ErrorWithStatus {
+                status: StatusCode::UNAUTHORIZED
+            })
         };
         self.has_status = true;
         Ok(PageContext::Close(http_response))

src/webserver/error.rs

@@ -7,8 +7,8 @@ use crate::webserver::ErrorWithStatus;
 use crate::AppState;
 use actix_web::error::UrlencodedError;
 use actix_web::http::{header, StatusCode};
-use actix_web::{HttpRequest, HttpResponse};
 use actix_web::HttpResponseBuilder;
+use actix_web::{HttpRequest, HttpResponse};
 use handlebars::{Renderable, StringOutput};
 use serde_json::json;
 
@@ -58,6 +58,12 @@ fn anyhow_err_to_actix_resp(e: &anyhow::Error, state: &AppState) -> HttpResponse
 
     if let Some(&ErrorWithStatus { status }) = e.downcast_ref() {
         resp.status(status);
+        if status == StatusCode::UNAUTHORIZED {
+            resp.append_header((
+                header::WWW_AUTHENTICATE,
+                "Basic realm=\"Authentication required\", charset=\"UTF-8\"",
+            ));
+        }
     } else if let Some(sqlx::Error::PoolTimedOut) = e.downcast_ref() {
         use rand::Rng;
         resp.status(StatusCode::TOO_MANY_REQUESTS).insert_header((

tests/errors/mod.rs

@@ -4,6 +4,7 @@ use actix_web::{
 };
 
 use crate::common::req_path;
+mod basic_auth;
 
 #[actix_web::test]
 async fn test_privileged_paths_are_not_accessible() {